Pegasus Systems (“we”, “us” or “our”) recognises the importance of data protection and privacy and is committed to them both.
Pegasus is the Controller of data relating to its own staff, supplier contact data and customer contact data. For clarity, Pegasus also act as a Processor, fulfilling Processor duties, only where contracted to do so by a Controller (our client/customer) whose data is processed and stored within the Pegasus application.
2. Why we collect, hold, use and disclose personal information
We collect, hold, use and disclose personal information for purposes relating to the promotion and supply of our products and services. A feature of the products and services that we offer is to store and hold information, some of which may be personal.
For example, we may collect, hold, use and/or disclose your personal information for the purpose of:
Establishing identity within our products;
Performing necessary identity and security verifications within our products and services;
Processing transactions and conducting business;
Generally delivering products and services, such as providing customer support and services, such as training;
Providing a hosted application service;
Providing you with information such as product update notification;
Improving our products, services and service delivery, including for better understanding your needs, interests and suitability for various products and services;
Recommending specific products and services that may meet your needs;
Responding to issues, questions, and queries;
Converting personal information contained within product data from a third party or Pegasus product(s) into another Pegasus product(s).
Protecting you and us against errors or fraud; and
Complying with our legal or regulatory obligations.
3. What kinds of personal information we collect and hold
The kinds of personal information about you that we may collect and hold include your; contact details, payment details, bank account details, and service related information. Our products may also contain personal data including but not limited to, full name, email address, date of birth, annual leave entitlement, remuneration details, emergency contacts, and other staff details. Where you do not provide us with all or some of your personal information that we request then we may not be able to supply our products or services that you require.
4. What website visitor information we collect and hold
We use a range of third-party tools [including cookies and session tools] to collect information about visitors to our website https://www.pegasussystems.com (“Website”) or our Pegasus Freshdesk Support Portal. For example, when you visit our Website or Freshdesk Support Portal we may collect your server address, domain name, operating system, browser type, pages accessed, documents downloaded, previous visits, referring website, and visit date and time. We collect and hold this information for the purpose of maintaining and improving our services and enhancing your experience browsing our Website. You may set your browser to disable cookies but some parts of our Website may not function properly if cookies are disabled.
5. How we collect and hold personal information
We collect and hold your personal information either directly from you or from information entered into our products. For example, we may collect your personal information from you in person when you visit our office or by mail, telephone, email, Freshdesk, ftp, using our website or other communication with you.
Personal information is stored in our products through the standard operation of our products. In the course of supporting or delivering a required service we may also request system data or log files be sent to us. Your Pegasus system may also be hosted in an environment where we have access to system data and log files.
We may request data which contains personal information be supplied to us in the process of delivering a service such as a data conversion.
We hold personal information that we collect in both physical and electronic storage facilities including paper-based files and computer databases.
6. How we disclose personal information
We may disclose personal information to our affiliates, subsidiaries, employees, contractors, agents, and service providers for purposes relating to the supply of our products and services. For example, we may disclose your personal information to:
Third party providers for the purpose of providing you with support for our products or services that you require; and
Third party suppliers in the course and for the purpose of providing a product or service that you require.
Some third-party providers may be located in jurisdictions other than yours.
We will not sell or rent your personal information to any third party for marketing purposes without your consent.
7. How we protect personal information
We protect personal information that we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure using both physical and electronic security measures which include secure premises, locked cabinets, secure databases, password access, anti-virus software, data transfer encryption and firewalls.
You provide us with your personal information over the Internet at your own risk as the security of such information cannot be 100% guaranteed.
8. How you may access, correct and update your personal information
You have the right to request access to, and correction of, any of your personal information that we hold. You should promptly notify us if you become aware that any of your personal information that we hold is inaccurate or out-of-date.
If you wish to access, correct or update any of your personal information that we hold, please either contact our Helpdesk using the contact details below or directly amend the information stored within our products.
10. Where we store data
Where we provide services to host our products in the cloud, we store data in data centres in your region.
11. Where we transfer data
We will not copy your data outside of your region without your prior explicit written permission. For example, data hosted in the USA remains in the USA, data hosted in Europe is not copied outside of Europe and data stored in APAC is not copied outside of APAC.
12. Our data protection processes
We have an internal data protection policy which is reviewed annually. All staff who have access to data are trained. Our processes include:
processing personal information only where this is strictly necessary for legitimate organisational purposes;
collecting only the minimum personal information required for these purposes and not processing excessive personal information;
providing clear information to individuals about how their personal information will be used and by whom;
only processing relevant and adequate personal information;
processing personal information fairly and lawfully;
maintaining an inventory of the categories of personal information that we process;
keeping personal information accurate and, where necessary, up to date;
retaining personal information only for as long as is necessary for legal or regulatory reasons or for legitimate organisational purposes;
respecting individuals’ rights in relation to their personal information, including their right of access;
only transferring personal information outside the originating region in circumstances where it can be adequately protected;
the application of the various exemptions allowable by data protection legislation;
developing and implementing an Information Management System to enable the policy to be implemented;
where appropriate, identifying internal and external stakeholders and the degree to which these stakeholders are involved in the governance of our data management.
the identification of workers with specific responsibility and accountability for the Personal Information Management Systems.
the regular training of staff who may have access to Personally Identifiable Information on best data security and privacy practices.
promptly notifying customers in the event that any unauthorised person has obtained or attempted to obtain personally identifiable information.
13. Pegasus products and data privacy requirements
Our products are extremely flexible; as a result it is possible to configure them in ways which may or may not conform to data privacy requirements in your organisation and/or in your region. It is your responsibility to configure the products appropriately. Where you need assistance to enable the product to comply with your specific business or regional legislative requirements, you may contact us for product assistance (see below for contact details).
14. How to make an enquiry or complaint
If you have an enquiry or complaint about our handling of your personal information, please contact our support team who has responsibility for being the first point of contact with such enquiries and complaints.
15. How complaints are processed
All complaints are initially handled by the support representative. If you are not satisfied with the outcome, you may request that it is escalated to the Pegasus management team. A member of the management team will contact you regarding your complaint. Ultimately the issue may be escalated to the General Manager of Pegasus.
16. How to contact us
You may contact our Helpdesk using the contact details below: